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Software protection is one of the most innportant issues concerning computer practice. 
There exist many heuristics and ad-hoc methods for protection, but the problem as a 
whole has not received the theoretical treatment it deserves. In this paper, we provide 
theoretical treatment of software protection. We reduce the problem of software 
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This paper develops a virtual connection model, complete with intruder, for interactive 
terminal-host communication and presents a set of protection goals that characterize the 
security that can be provided for a physically unsecured connection. Fundamental 
requirements for protocols that achieve these goals and the role of encryption in the 
design of such protocols are examined. Functional and security constraints on positioning 
of protection protocols in a communication system and the imp ... 

5 ( How) can mobile a g ents do secure electronic transactions on untrusted hosts? A 
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This article investigates if and how mobile agents can execute secure electronic 
transactions on untrusted hosts. An overview of the security issues of mobile agents is 
first given. The problem of untrusted (i.e., potentially malicious) hosts is one of these 
issues, and appears to be the most difficult to solve. The current approaches to counter 
this problem are evaluated, and their relevance for secure electronic transactions is 
discussed. In particular, a state-of-the-art survey of mobile agen ... 
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Full text available: ^ pdf(276.25 KB) Additional Information: full citation , abstract , references , citings 

Most of today's computers are connected to the Internet or at least to a local network, 
exposing system vulnerabilities to the potential attackers. One of the attackers' goals is 
the execution of the unauthorized code. In this paper we propose a framework that will 
allow execution of the trusted code only and prevent malicious code from executing. The 
proposed framework relies on the run-time verification of basic block signatures. The 
basic block signatures are generated during a trusted instal ... 

Keywords: computer security, intrusion detection, trusted execution 
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Smart cards are vulnerable to both invasive and non-invasive attacks. Specifically, non- 
invasive attacks using power and timing measurements to extract the cryptographic key 
has drawn a lot of negative publicity for smart card usage. The power measurement 
techniques rely on the data-dependent energy behavior of the underlying system. Further, 
power analysis can be used to identify the specific portions of the program being executed 
to induce timing glitches that may in turn help to bypass key ch ... 
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May 2006 Proceeding of the 28th international conference on Software engineering 
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Full text available: 'Q pdf(99.00 KB ) Additional Information: full citation , abstract , references , index terms 

We present a tool for analysis and detection of malicious mobile code such as computer 
viruses andjnternet worms based on the combined use of code simulation, static code 
analysis, and OS execution emulation. Unlike traditional anti-virus methods, the tool 
directly inspects the code and Identifies commonly found malicious behaviors such as 
mass mailing, self duplication, and registry overwrite without relying on ' ' pattern files" 
that contain ' 'signatures" of previously captured samples. The p ... 
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Distributed operating systems have nnany aspects in common with centralized ones, but 
they also differ in certain ways. This paper Is intended as an introduction to distributed 
operating systems, and especially to current university research about them. After a 
discussion of what constitutes a distributed operating system and how It is distinguished 
from a computer network, various key design issues are discussed. Then several 
examples of current research projects are examined in some detail ... 
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Smartphones have recently become increasingly popular because they provide "all-in-one" 
convenience by integrating traditional mobile phones with handheld computing devices. 
However, the flexibility of running third-party softwares also leaves the smartphones open 
to malicious viruses. In fact, hundreds of smartphone viruses have emerged in the past 
two years, which can quickly spread through various means such as SMS/MMS, Bluetooth 
and traditional IP-based applications. Our own implementatio ... 
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In the last decade, it has become apparent that embedded systems are integral parts of 
our every day lives. The wireless nature of many embedded applications as well as their 
omnipresence has made the need for security and privacy preserving mechanisms 
particularly important. Thus, as field programmable gate arrays (FPGAs) become integral 
parts of embedded systems, it is imperative to consider their security as a whole. This 
contribution provides a state-of-the-art description of security Issues ... 
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This paper presents SCUBA (Secure Code Update By Attestation), for detecting and 
recovering compronnised nodes In sensor networks. The SCUBA protocol enables the 
design of a sensor network that can detect compromised nodes without false negatives, 
and either repair them through code updates, or revoke the compromised nodes. The 
SCUBA protocol represents a promising approach for designing secure sensor networks by 
proposing a first approach for automatic recovery of compromised sensor nodes. The 5 ... 
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Imagine there is certain content we want to maintain private until some particular event 
occurs, when we want to have it automatically disclosed. Suppose, furthermore, that we 
want this done in a (possibly) malicious host. Say the confidential content is a piece of 
code belonging to a computer program that should remain ciphered and then "be 
triggered" (i.e., deciphered and executed) when the underlying system satisfies a 
preselected condition, which must remain secret after code ins ... 

Keywords: Malicious host problem, mobile code security, obfuscation, secure triggers, 
universally composable security 



16 A functional taxonomy for software watermarking 
Jasvir Nagra, Clark Thomborson, Christian Collberg 

January 2002 Australian Computer Science Communications , Proceedings of the 

twenty-fifth Australasian conference on Computer science - Volume 4 

ACSC '02, Volume 24 Issue 1 

Publisher: Australian Computer Society, Inc., IEEE Computer Society Press 

Full text available: fii pdf(1 .1 9 MB) Additional Information: full citation, abstract , references , cited by . index 

Despite the recent surge of interest in digital watermarking technology from the research 
community, we lack a comprehensive and precise terminology for software watermarking. 
In this paper, we attempt to fill that gap by giving distinctive names for the various 
protective functions served by software watermarks: Validation Mark, Licensing Mark, 
Authorship Mark and Fingerprinting Mark. We identify the desirable properties and specific 
vulnerabilities of each type of watermark, and we illustrate ... 
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The Escrowed Encryption Standard (EES) defines a US Government family of 
cryptographic processors, popularly known as "Clipper" chips, Intended to protect 
unclassified government and private-sector communications and data. A basic feature of 
key setup between pairs of EES processors involves the exchange of a "Law Enforcement 
Access Field" (LEAF) that contains an encrypted copy of the current session key. The LEAF 
is intended to facilitate government access to the cl ... 
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A novel power attack resistant cryptosystem is presented in this paper. Security in digital 
computing and communication is becoming increasingly important. Design techniques that 
can protect cryptosystems from leaking information have been studied by several groups. 
Power attacks, which infer program behavior from observing power supply current into a 
processor core, are important forms of attacks. Various methods have been proposed to 
countermeasure the popular and efficient power attacks. Howe ... 
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User-adaptive applications cater to the needs of each individual computer user, taking for 
example users' interests, level of expertise, preferences, perceptual and motoric abilities, 
and the usage environment into account. Central user modeling servers collect and 
process the information about users that different user-adaptive systems require to 
personalize their user interaction. Adaptive systems are generally better able to cater to 
users the more data their user modeling systems collect and ... 
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